Authenticate a user Added in 5.5.0
Authenticates a user and returns information about the authenticated user. Include the user information in a basic auth header. A successful call returns a JSON structure that shows user information such as their username, the roles that are assigned to the user, any assigned metadata, and information about the realms that authenticated and authorized the user. If the user cannot be authenticated, this API returns a 401 status code.
GET /_security/_authenticate
curl \
-X GET http://api.example.com/_security/_authenticate
Response examples (200)
{
"api_key": {
"creation": 42.0,
"expiration": 42.0,
"id": "string",
"invalidated": true,
"name": "string",
"realm": "string",
"realm_type": "string",
"username": "string",
"profile_uid": "string",
"metadata": {
"additionalProperty1": {},
"additionalProperty2": {}
},
"role_descriptors": {
"additionalProperty1": {
"cluster": [
"string"
],
"indices": [
{
"field_security": {},
"names": "string",
"privileges": [
"string"
],
"allow_restricted_indices": true
}
],
"global": [
{}
],
"applications": [
{
"application": "string",
"privileges": [
"string"
],
"resources": [
"string"
]
}
],
"metadata": {
"additionalProperty1": {},
"additionalProperty2": {}
},
"run_as": [
"string"
],
"description": "string",
"transient_metadata": {
"additionalProperty1": {},
"additionalProperty2": {}
}
},
"additionalProperty2": {
"cluster": [
"string"
],
"indices": [
{
"field_security": {},
"names": "string",
"privileges": [
"string"
],
"allow_restricted_indices": true
}
],
"global": [
{}
],
"applications": [
{
"application": "string",
"privileges": [
"string"
],
"resources": [
"string"
]
}
],
"metadata": {
"additionalProperty1": {},
"additionalProperty2": {}
},
"run_as": [
"string"
],
"description": "string",
"transient_metadata": {
"additionalProperty1": {},
"additionalProperty2": {}
}
}
},
"limited_by": [
{
"additionalProperty1": {
"cluster": [
"string"
],
"indices": [
{}
],
"global": [
{}
],
"applications": [
{}
],
"metadata": {
"additionalProperty1": {},
"additionalProperty2": {}
},
"run_as": [
"string"
],
"description": "string",
"transient_metadata": {
"additionalProperty1": {},
"additionalProperty2": {}
}
},
"additionalProperty2": {
"cluster": [
"string"
],
"indices": [
{}
],
"global": [
{}
],
"applications": [
{}
],
"metadata": {
"additionalProperty1": {},
"additionalProperty2": {}
},
"run_as": [
"string"
],
"description": "string",
"transient_metadata": {
"additionalProperty1": {},
"additionalProperty2": {}
}
}
}
],
"_sort": [
42.0
]
},
"authentication_realm": {
"name": "string",
"type": "string"
},
"email": "string",
"full_name": "string",
"lookup_realm": {
"name": "string",
"type": "string"
},
"metadata": {
"additionalProperty1": {},
"additionalProperty2": {}
},
"roles": [
"string"
],
"username": "string",
"enabled": true,
"authentication_type": "string",
"token": {
"name": "string",
"type": "string"
}
}